Description
SQL injection vulnerability in LimeSurvey v2.65.1+170522. This vulnerability allows an attacker to retrieve, create, update and delete database contents via the 'token' parameter of the '/index.php' endpoint.
Remediation
References